Security News > 2020 > June > OK Windows 10, we get it: You really do not want us to install this unsigned application. But 7 steps borders on ridiculous
The application is free and open source, but he still has to pay for a code-signing certificate to avoid potential users being put off by warnings when they try to download and install.
Warning or preventing users from installing unverified applications is commonplace in today's operating systems, but does Windows go too far? We counted seven steps needed to download and install the open-source audio package Ardour 6, which is both unsigned and newly released, using the latest Edge and Windows 10.
User Account Control kicks in, coloured orange for warning, saying: "Do you want to allow this app from an unknown publisher to make changes to your device?" Only after again clicking "Yes" does the application install.
Developer Marc Jeanmougin told us they don't bother to sign because "On Windows you can usually bypass all warnings." That said, the installer is signed for the Windows 10 Store and for macOS, where "We don't really have a choice."
Windows Defender SmartScreen is inconvenient at times but that is less troublesome than a compromised PC. Microsoft is right in that an unsigned application could be tampered with and should not be trusted.
News URL
Related news
- Microsoft pulls WinAppSDK update breaking Windows 10 app uninstalls (source)
- Windows 10 KB5046714 update fixes bug preventing app uninstalls (source)
- New Windows 10 0x80073CFA fix requires installing WinAppSDK 3 times (source)
- Windows 10 KB5048652 update fixes new motherboard activation bug (source)
- Windows 10 users urged to upgrade to avoid "security fiasco" (source)
- Microsoft to force install new Outlook on Windows 10 PCs in February (source)